Feb 3, 2009

Many of you learned in school, or while studying for exams that TCP/IP was not really built around security. When it was conceived, it was intended to share information freely. Why need security when we are giving everything away for free anyway right? Then came along e-commerce, and other proprietary interests all sharing the same internet. That is when the bad guys came in also right?

Most of you already know that there are plenty of unsecured protocols still in use today. The unsecured protocols transfer data in plain text across the wire. Back in the care free days, this wasn't a big deal, but in modern times, just about anyone can snatch that open goodness right off the wire and use that info against you. Yes, even passwords.

In the previous two posts about Forgotten passwords, I mentioned two tools from Nirsoft. Both of those talked about finding passwords for clients. What if you don't have a supported client? How are supposed to recover your password?

Lets say that you have a computer where your email password to your POP3 email account is cached. You can fire up a tool from Nirsoft called SniffPass which will listen on your network for unsecured protocols like POP3. Once SniffPass is listening in, you can fire up your client. When it authenticates with the server, SniffPass will capture your password. Awe, that's right! My password was B@n@n@13!

SniffPass works on the following protocols:

POP3

IMAP4

SMTP

FTP

HTTP

If you are worried about hackers using this tool, make sure that you use encryption for your email. Services like Gmail offer POP3 email over TLS encryption for your protection.

Come back for Part IV where I will help you find forgotten passwords for your protected PST files!